aliri 0.6.4

Implementations of the Javascript/JSON Object Signing and Encryption (JOSE) standards
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

//! Implementations of the JSON Web Signature (JWS) standard
//!
//! The specifications for this standard can be found in [RFC7515][].
//!
//! [RFC7515]: https://tools.ietf.org/html/rfc7515

use std::{error::Error as StdError, fmt};

use serde::{Deserialize, Serialize};

use crate::jwa;

/// JSON Web Signature signing algorithms
///
/// This list may be expanded in the future.
#[derive(Debug, Clone, Copy, Eq, Hash, PartialEq, Serialize, Deserialize)]
#[serde(untagged)]
#[non_exhaustive]
pub enum Algorithm {
    /// HMAC symmetric
    #[cfg(feature = "hmac")]
    #[cfg_attr(docsrs, doc(cfg(feature = "hmac")))]
    Hmac(jwa::hmac::SigningAlgorithm),

    /// RSA public/private key pair
    #[cfg(feature = "rsa")]
    #[cfg_attr(docsrs, doc(cfg(feature = "rsa")))]
    Rsa(jwa::rsa::SigningAlgorithm),

    /// Elliptic curve cryptography
    #[cfg(feature = "ec")]
    #[cfg_attr(docsrs, doc(cfg(feature = "ec")))]
    EllipticCurve(jwa::ec::SigningAlgorithm),
}

#[cfg(feature = "hmac")]
#[cfg_attr(docsrs, doc(cfg(feature = "hmac")))]
impl Algorithm {
    /// The HS256 signing algorithm
    pub const HS256: Algorithm = Self::Hmac(jwa::hmac::SigningAlgorithm::HS256);
    /// The HS384 signing algorithm
    pub const HS384: Algorithm = Self::Hmac(jwa::hmac::SigningAlgorithm::HS384);
    /// The HS512 signing algorithm
    pub const HS512: Algorithm = Self::Hmac(jwa::hmac::SigningAlgorithm::HS512);
}

#[cfg(feature = "rsa")]
#[cfg_attr(docsrs, doc(cfg(feature = "rsa")))]
impl Algorithm {
    /// The RS256 signing algorithm
    pub const RS256: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::RS256);
    /// The RS384 signing algorithm
    pub const RS384: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::RS384);
    /// The RS512 signing algorithm
    pub const RS512: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::RS512);
    /// The PS256 signing algorithm
    pub const PS256: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::PS256);
    /// The PS384 signing algorithm
    pub const PS384: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::PS384);
    /// The PS512 signing algorithm
    pub const PS512: Algorithm = Self::Rsa(jwa::rsa::SigningAlgorithm::PS512);
}

#[cfg(feature = "ec")]
#[cfg_attr(docsrs, doc(cfg(feature = "ec")))]
impl Algorithm {
    /// The ES256 signing algorithm
    pub const ES256: Algorithm = Self::EllipticCurve(jwa::ec::SigningAlgorithm::ES256);
    /// The ES384 signing algorithm
    pub const ES384: Algorithm = Self::EllipticCurve(jwa::ec::SigningAlgorithm::ES384);
    /// The ES512 signing algorithm
    pub const ES512: Algorithm = Self::EllipticCurve(jwa::ec::SigningAlgorithm::ES512);
}

impl Algorithm {
    /// The expected output size of the algorithm's signature in bytes
    #[must_use]
    pub fn signature_size(self) -> usize {
        match self {
            #[cfg(feature = "hmac")]
            Self::Hmac(alg) => alg.signature_size(),

            #[cfg(feature = "rsa")]
            Self::Rsa(alg) => alg.signature_size(),

            #[cfg(feature = "ec")]
            Self::EllipticCurve(alg) => alg.signature_size(),
        }
    }
}

/// A JWS signer
pub trait Signer {
    /// The usable signature algorithms
    type Algorithm;

    /// The error returned on failure to sign
    type Error: fmt::Debug + fmt::Display + Sync + Send + 'static;

    /// Whether the specific algorithm provided is compatible
    /// with this signer
    fn can_sign(&self, alg: Self::Algorithm) -> bool;

    /// Attempts to sign the data provided using the specified algorithm
    ///
    /// # Errors
    ///
    /// This signer is unable to sign the data using the algorithm requested.
    fn sign(&self, alg: Self::Algorithm, data: &[u8]) -> Result<Vec<u8>, Self::Error>;
}

/// A JWS verifier
pub trait Verifier {
    /// The verifiable signature algorithms
    type Algorithm;

    /// The error returned on a failure to verify
    type Error: StdError + Send + Sync + 'static;

    /// Whether the specific algorithm provided is compatible
    /// with this verifier
    fn can_verify(&self, alg: Self::Algorithm) -> bool;

    /// Attempts to verify the data against the signature using the
    /// specified algorithm
    ///
    /// # Errors
    ///
    /// The data could not be verified according to the algorithm and signature provided.
    fn verify(
        &self,
        alg: Self::Algorithm,
        data: &[u8],
        signature: &[u8],
    ) -> Result<(), Self::Error>;
}

impl fmt::Display for Algorithm {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            #[cfg(feature = "hmac")]
            Self::Hmac(a) => fmt::Display::fmt(a, f),

            #[cfg(feature = "rsa")]
            Self::Rsa(a) => fmt::Display::fmt(a, f),

            #[cfg(feature = "ec")]
            Self::EllipticCurve(a) => fmt::Display::fmt(a, f),

            #[cfg(not(any(feature = "hmac", feature = "rsa", feature = "ec")))]
            _ => unreachable!(),
        }
    }
}